class UsersController < ApplicationController
  layout 'standart'
  # Be sure to include AuthenticationSystem in Application Controller instead
  include AuthenticatedSystem


  # render new.rhtml
  def new
  end

  def edit
    @user = current_user
  end
  
  def update
    @user = current_user
    @user.login = params[:user][:login]
    @user.email = params[:user][:email]
    if params[:user][:password]
        @user.password = params[:user][:password]
        @user.password_confirmation = params[:user][:password_confirmation]
    end
    if @user.save
        flash[:notice] = "User successfully updated!"
        redirect_back_or_default("/me")
    else 
        flash[:error] = "Could not update the user(sorry)!"
        render :controller => :users, :action => :edit
    end
  end

  def create
    cookies.delete :auth_token
    # protects against session fixation attacks, wreaks havoc with 
    # request forgery protection.
    # uncomment at your own risk
    # reset_session
    @user = User.new(params[:user])
    @user.save
    if @user.errors.empty?
      self.current_user = @user
      redirect_back_or_default('/')
      flash[:notice] = "Thanks for signing up! Please check your email for your activation code."
    else
      render :action => 'new'
    end
  end

  def activate
    self.current_user = params[:activation_code].blank? ? false : User.find_by_activation_code(params[:activation_code])
    if logged_in? && !current_user.active?
      current_user.activate
      flash[:notice] = "Signup complete! You may now use your account."
    end
    redirect_back_or_default('/')
  end

end
